
Help with fuzzing

I'm trying to learn up on the topic of fuzzing. I'm using VMware Workstation for the BackTrack 3 & unpatched XP SP1 box. What I'm trying to do is the UltraVNC 1.0.1 buffer overflow & the RealVNC 3.3.7 buffer overflow. Basically, when I set up the exploit on BackTrack and then attempt to connect to it from the XP box, all that happens is the program crashes in both cases (Ultra & Real). I attempted to look at the crash in OllyDbg but to little avail. What I would like to do is to recreate the crash manually, find a place for shellcode, and tell the program to jump to the shellcode. I appreciate any help that you're willing to give. I'm basically just trying to recreate the buffer overflow to better understand how it all works. Thanks again for all your help.

There's only 1 book that I know of that takes on the topic of fuzzing solely.

I have just finished reading this book. It's easy to understand if you have a programming background. I can still say that I have a lot more to learn about fuzzing even after reading this book.

Do you realize that those exploits are most likely version specific AND operating system specific? Also, do you realize that you must be using UltraVNC in order to use the UltraVNC exploit, as the RealVNC exploit will most likely not work?

Fuzzing is just part of the required knowledge in order to properly exploit programs. On top of that, you must know what to look for and how to write proper exploits for each program. It is a must to know how to program and to have a great understanding of any protocols your target is using, along with in-memory fuzzing and file fuzzing.

Notice that it might be possible that the exploits you're trying to use have been purposely miscoded in order to keep skiddies from using them at will.

Thanks hhmatt81 for your time and input. I'll def give the book a read. And I have an understanding of how buffer overflows work and why, just wanting to further my knowledge on the subject. Thanks again.

Jon kinda did these in reverse. The first edition was an "advanced" view of elite exploitation techniques using various overflows and network (wired/wireless) protocol/programming flaws. The second edition is a more in-depth view of, for instance, OOD (Object Oriented Design) and language architectures. I'd recommend the first edition if you are looking into fuzzing, as the techniques shown in the book are exactly what fuzzing looks for.

"The goal of every man should be to continue living even after he can no longer draw breath." ~ShadowKill